Commentary

Truth Behind Digital Privacy And Controls

The consumer experience is in jeopardy, with personalization through AI playing an important role in advertising.

Data analysis of terms of service (ToS) and privacy policies (PP) across 57 influential digital companies is sparking conversations about regulatory reforms and user advocacy. It's about to change the digital ad industry.

With so much attention given to data and privacy, it highlights the ways companies compromise consumer privacy, although they tell consumers otherwise.

The data reveals that 80% of companies provide vague terms around data retention, allowing indefinite data storage with limited user controls. Among the 57 companies analyzed, only Apple had a positive outcome related to its privacy protections, according to Website Planet, which provides online security research.

advertisement

advertisement

Approximately 61% of companies -- namely Google, PayPal, Temu, and Tesla -- do not specify what their security measures are for payment information, and were identified with a red flag. This raises concerns about their protection of financial transactions.

This research primarily relied on manual data collection. Companies were selected based on the volume of user data they handle. Each relevant website was individually accessed to obtain key documents, including ToS and PP for analysis. Companies analyzed include Apple, Nvidia, DeepMind, Fortinet, Reddit, Meta, TikTok, Adobe, Grammarly, Netflix, GM, PayPal, Shopity and many others. 

AI tools were used to process the documents, focusing on identifying and extracting key information related to user privacy and control.

The extracted data was organized into a structured format for analysis.

The data shows that no one company granted users full ownership of their content without major licensing requirements, raising questions about user rights over their own content on these platforms.

Ninety percent of companies offer minimal protections for children’s data -- an area where stronger, more specific policies are needed to safeguard younger users during a time when Australia recently approved a social-media ban for children under age 16. This is considered one of the world's toughest regulations targeting big tech companies.

While Website Planet’s findings reveal that the agreements it uncovered serve the interests of the companies that offer them, they often compromise user rights, privacy, and control. Mandatory arbitration clauses, for example, limit users' legal options, often favoring the corporations rather than consumer interests.

Companies that engage in extensive data collection and share data broadly with various entities use complex legal language and detailed terms, along with mandatory arbitration clauses, complicated users' understanding of their rights and the full scope of data collection and sharing, despite consent terms.

Companies that practice extensive data collection include Amazon, Google, Facebook, TikTok, 23andMe, and Tesla. For example, TikTok has extensive data collection, broad content rights and mandatory arbitration that spurs concerns around arbitration and its data practices.

The primary privacy risk across these companies is the potential to compromise user privacy due to extensive data collection and sharing practices.

Mandatory arbitration clauses and complex terms can significantly limit users’ ability to protect their rights and seek recourse.

The complexity and lack of clarity in terms hinder users’ understanding and management of their privacy settings.

These findings highlight the necessity of thoroughly reading and understanding these agreements before consenting, to ensure users can safeguard their privacy and maintain control over their personal data.

The data also identified companies that tend to protect consumer data such as Apple, DuckDuckGo, ProtonMail, Brave, Mozilla, Nextcloud, and NordVPN. And those that have clear and simple language like DuckDuckGo, Mozilla, Brave, among others.

But quirky language can also be incorporated, according to Website Planet. Companies like MailChimp and Instagram often balance legal precision with a hint of personality, making their terms more relatable and occasionally entertaining. 

 
1 comment about "Truth Behind Digital Privacy And Controls".
Check to receive email when comments are posted.
  1. Alice Sylvester from Sequent Partners, December 17, 2024 at 11:09 a.m.

    Totally concur with the current state of privacy terms. It must be inconvenient for companies to do things better. I'm assuming good will here, rather than thinking the poor practices are somehow more nefarious.  I worry that this will bite the industry in a really big way; we're not doing a good job of this -- sometimes you can't even find privacy statements/opt-out sections of brand websites. 

    I recently encountered another surprising example of a privacy "land grab." When I was making an appointment to visit Santa at the mall with my grandchildren, I had to sign away rights to the childrens' images everywhere in the world, and in perpetuity.  Why should i have to surrender control of those images? What possible use could the company make of them? Seems like an extreme and completely unnecessary ownership over-reach.  

Next story loading loading..